OAuth endpoint “MultiLogin” identified as root for Google Chrome’s widely adopted session jacking exploit.
https://www.csoonline.com/article/1285861/highly-exploited-chromium-bug-traced-to-a-google-oauth-endpoint.html
An undocumented Google OAuth endpoint has been identified to be the root of the notorious info stealing exploit that is being widely implemented by various threat actors in their codes since it appeared in October 2023. The critical exploit, which allows the generation of persistent Google cookies through token manipulation and enables continuous access…
Prior to Cyber Attack, Russian Attackers Spent Months Inside the Ukraine Telecoms Giant
https://www.cysecurity.news/2024/01/prior-to-cyber-attack-russian-attackers.html
Kyivstar experienced a large-scale malfunction in December 2023, resulting in the outage of mobile communications and the internet for about 24 million users for several days. How? Russian hackers broke into the Ukrainian telecommunications giant’s system in May 2023. Ilya Vityuk, the chief of the Security Service of Ukraine’s (SBU) cyber security department, told…
Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer
https://unit42.paloaltonetworks.com/malware-configuration-extraction-techniques-guloader-redline-stealer/
Hackers target Apache RocketMQ servers vulnerable to RCE attacks
https://www.bleepingcomputer.com/news/security/hackers-target-apache-rocketmq-servers-vulnerable-to-rce-attacks/
North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught
https://www.darkreading.com/threat-intelligence/north-korea-debuts-spectralblur-malware-amid-macos-onslaught
Iran’s APT33 targets US defense contractors with novel malware
https://www.scmagazine.com/news/iranian-threat-group-apt33-targets-us-defense-contractors-with-novel-malware
Hide and Seek in Windows’ Closet: Unmasking the WinSxS Hijacking Hideout
https://www.securityjoes.com/post/hide-and-seek-in-windows-closet-unmasking-the-winsxs-hijacking-hideout